So far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based…

Last week, Justin covered some of the high level issues around AMI development. This week, we’re going to take a look at how to protect the guest operating system running on your EC2 and VPC instances. AWS Recommendations AWS had published quite a few papers around their services. AWS Security Best Practices [PDF] and AWS Risk and…